Twitter | Search | |
Brute Logic
Another brutal secret revealed! 😎 Payload to bypass simple email validation in PHP "><svg/onload=confirm(1)>".y case #21 check it here:
Reply Retweet Like More
Brute Logic 24 Nov 18
Replying to @brutelogic
It's a simple payload but there's a catch. Here you can see why it can be easily overlooked.
Reply Retweet Like
Thomas Orlita 28 Nov 18
Replying to @brutelogic @x
This is a valid email address by some standards, but is there a way to actually receive and send emails to such address?
Reply Retweet Like
Brute Logic 28 Nov 18
Replying to @ThomasOrlita @x
Good question... And an interesting ATTACK VECTOR too.
Reply Retweet Like
Indian Er Singh 23 Jun 19
Replying to @brutelogic @x
I think you are eligible for Google's $31337 bug bounty program... It's a huge bug... You should report it to google to be eligible for rewards... Thank you...
Reply Retweet Like
Brute Logic 24 Jun 19
Replying to @Singh_sahab205 @x
It's not a bug it's really a feature.
Reply Retweet Like
testboy 24 Nov 18
Replying to @brutelogic @x
found this out a couple years ago too, helped me get quite alot of bounties :)
Reply Retweet Like
p3n73st3r 24 Nov 18
i mostly use xss"><svg/onload=prompt(5)"xss@a.b
Reply Retweet Like
White Egg 👥 24 Nov 18
Replying to @brutelogic @x
Where in the world is it not standard practice to strip special characters from form submissions / post variables?
Reply Retweet Like
Sam "Ver‎ification" Pizzey 24 Nov 18
Valid email addresses should probably be accepted in email address fields.
Reply Retweet Like
Emad Shanab 24 Nov 18
Replying to @brutelogic @x
That’s 31337$ google stored xss payload.
Reply Retweet Like
Eduardo Vela 25 Nov 18
what? :-) xss isn't 31k USD
Reply Retweet Like